Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/WEqcn7JRcK4JMCyMQ3_Q5udRm-M.roa
File: WEqcn7JRcK4JMCyMQ3_Q5udRm-M.roa (raw, json)
Hash identifier: JBDOtAdVFOtx16Q2KFfaLO6Xl0JxcA3oBR0uLBs/JQY=
Subject key identifier: 58:4A:9C:9F:B2:51:70:AE:09:30:2C:8C:43:7F:D0:E6:E7:51:9B:E3
Certificate issuer: /CN=e9b1320fbc24d6f4366cb64fcf5ed2d7b1b6bdf7
Certificate serial: 0191B1D6AF9CE561646050F1547223B70A86
Authority key identifier: E9:B1:32:0F:BC:24:D6:F4:36:6C:B6:4F:CF:5E:D2:D7:B1:B6:BD:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6bEyD7wk1vQ2bLZPz17S17G2vfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/WEqcn7JRcK4JMCyMQ3_Q5udRm-M.roa
Signing time: Mon 02 Sep 2024 08:25:22 +0000
ROA not before: Mon 02 Sep 2024 08:25:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8400
IP address blocks: 5.154.225.0/24 maxlen: 24
62.101.128.0/20 maxlen: 20
77.46.128.0/17 maxlen: 17
79.101.0.0/16 maxlen: 16
79.101.0.0/21 maxlen: 21
79.101.21.0/24 maxlen: 24
87.250.32.0/19 maxlen: 19
89.39.144.0/23 maxlen: 23
89.46.126.0/23 maxlen: 23
89.47.40.0/23 maxlen: 23
91.150.64.0/18 maxlen: 18
91.150.64.0/23 maxlen: 23
91.150.66.0/24 maxlen: 24
91.150.91.0/24 maxlen: 24
92.244.128.0/19 maxlen: 19
93.86.0.0/15 maxlen: 15
93.86.0.0/16 maxlen: 16
93.87.0.0/16 maxlen: 16
93.87.38.0/24 maxlen: 24
93.87.39.0/24 maxlen: 24
93.87.50.0/24 maxlen: 24
93.87.58.0/24 maxlen: 24
109.72.48.0/20 maxlen: 20
109.92.0.0/15 maxlen: 15
109.122.77.0/24 maxlen: 24
178.79.0.0/18 maxlen: 18
178.220.0.0/15 maxlen: 15
178.222.0.0/16 maxlen: 16
178.223.0.0/17 maxlen: 17
178.223.128.0/18 maxlen: 18
178.223.192.0/19 maxlen: 19
185.71.88.0/22 maxlen: 22
185.190.152.0/22 maxlen: 22
195.178.32.0/19 maxlen: 19
212.200.0.0/16 maxlen: 16
212.200.0.0/17 maxlen: 17
212.200.0.0/21 maxlen: 21
212.200.8.0/22 maxlen: 22
212.200.12.0/23 maxlen: 23
212.200.45.0/24 maxlen: 24
212.200.50.0/24 maxlen: 24
212.200.51.0/24 maxlen: 24
212.200.52.0/24 maxlen: 24
212.200.123.0/24 maxlen: 24
212.200.128.0/17 maxlen: 17
212.200.128.0/18 maxlen: 18
212.200.132.0/24 maxlen: 24
212.200.192.0/19 maxlen: 19
212.200.224.0/24 maxlen: 24
212.200.225.0/24 maxlen: 24
212.200.226.0/23 maxlen: 23
212.200.228.0/22 maxlen: 22
212.200.232.0/21 maxlen: 21
212.200.240.0/20 maxlen: 20
213.196.96.0/20 maxlen: 20
2a00:e90::/32 maxlen: 32
2a06:63c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 02 Sep 2024 08:48:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b1:d6:af:9c:e5:61:64:60:50:f1:54:72:23:b7:0a:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9b1320fbc24d6f4366cb64fcf5ed2d7b1b6bdf7
Validity
Not Before: Sep 2 08:25:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=584a9c9fb25170ae09302c8c437fd0e6e7519be3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:41:a7:cb:9d:b3:e3:00:c2:7f:73:49:9d:fd:
38:27:45:fa:73:6b:77:5b:ed:bb:b0:a9:f6:0a:79:
ec:c5:e8:f5:ec:02:d9:90:5c:d0:d5:dc:b4:0b:3f:
0a:3a:ca:e8:7d:10:9d:2a:72:90:49:2d:5a:47:c1:
d4:a6:25:2a:5c:1a:b4:78:34:5e:2b:5c:cc:ee:bc:
40:f5:be:20:19:87:75:0f:77:e7:17:df:65:85:ca:
15:7d:c9:c7:20:e5:ef:f9:2b:66:9f:f2:22:9c:d7:
08:41:c5:b2:f7:0d:b2:18:00:aa:00:2a:ed:d2:4b:
fb:6f:41:f1:e5:34:a5:4b:15:0b:54:b8:02:e8:43:
d0:2a:62:86:3e:10:ad:fc:99:81:1f:f3:23:25:44:
30:58:52:2f:b4:58:dd:de:81:3a:52:66:03:7d:cd:
ff:91:61:6a:c1:3f:5c:df:45:75:5b:13:1d:7f:a2:
d2:1a:e7:85:40:36:b0:e1:ef:1b:14:00:3b:1a:0d:
d6:86:fd:8e:d7:29:27:22:95:a0:22:4b:be:b0:9c:
05:7d:0c:10:39:41:61:23:1f:dd:38:c2:23:58:9f:
ca:7c:65:84:93:1c:7f:b7:83:be:b2:0e:82:ce:08:
d9:98:78:d3:d6:a9:ed:54:18:56:f6:eb:8f:c6:e8:
ff:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:4A:9C:9F:B2:51:70:AE:09:30:2C:8C:43:7F:D0:E6:E7:51:9B:E3
X509v3 Authority Key Identifier:
keyid:E9:B1:32:0F:BC:24:D6:F4:36:6C:B6:4F:CF:5E:D2:D7:B1:B6:BD:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6bEyD7wk1vQ2bLZPz17S17G2vfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/WEqcn7JRcK4JMCyMQ3_Q5udRm-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/6bEyD7wk1vQ2bLZPz17S17G2vfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.225.0/24
62.101.128.0/20
77.46.128.0/17
79.101.0.0/16
87.250.32.0/19
89.39.144.0/23
89.46.126.0/23
89.47.40.0/23
91.150.64.0/18
92.244.128.0/19
93.86.0.0/15
109.72.48.0/20
109.92.0.0/15
109.122.77.0/24
178.79.0.0/18
178.220.0.0-178.223.223.255
185.71.88.0/22
185.190.152.0/22
195.178.32.0/19
212.200.0.0/16
213.196.96.0/20
IPv6:
2a00:e90::/32
2a06:63c0::/29
Signature Algorithm: sha256WithRSAEncryption
5f:53:51:7e:18:fe:7b:d1:87:10:91:aa:15:2d:bc:13:39:8e:
23:75:eb:97:bd:81:74:5f:de:8d:12:96:b1:fe:bb:79:e9:25:
cd:7b:bd:38:9e:17:1c:0e:d5:c2:84:bc:39:a6:3c:0a:eb:57:
75:53:ac:05:fc:c6:3f:9a:c8:07:1e:ba:5f:99:18:85:bc:5d:
a3:66:8b:e9:de:94:1c:46:d8:c8:33:18:33:61:5d:e5:63:28:
6c:20:37:c3:87:07:58:81:7c:2d:68:c2:09:7d:2f:c7:0f:6e:
d9:d9:ae:5d:a7:f8:fd:c5:30:58:e1:2a:cc:ea:32:3c:f2:1a:
2d:2d:4e:28:b7:ce:de:a9:89:d5:f1:e6:c2:04:06:62:5c:5b:
55:52:a8:b1:d5:39:de:da:d8:11:46:05:b2:e1:a1:f6:da:31:
33:e4:b9:db:35:d1:66:19:15:9a:dd:95:be:f7:4a:9a:8c:23:
b2:58:31:a9:f9:71:8a:2f:bb:4f:01:8b:76:10:f0:ad:61:c5:
eb:47:ae:ad:46:a6:25:b9:b8:ca:da:46:f7:f4:f5:46:99:be:
8c:72:f1:42:f6:ef:10:ba:7d:99:cb:5d:c0:29:19:45:ad:29:
56:61:1d:05:c2:b2:ea:9d:82:00:c2:b1:6f:68:73:f2:b0:c7:
4a:54:ca:4e
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAZGx1q+c5WFkYFDxVHIjtwqGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YjEzMjBmYmMyNGQ2ZjQzNjZjYjY0ZmNmNWVkMmQ3YjFi
NmJkZjcwHhcNMjQwOTAyMDgyNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODRhOWM5ZmIyNTE3MGFlMDkzMDJjOGM0MzdmZDBlNmU3NTE5YmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzEGny52z4wDCf3NJnf04J0X6c2t3
W+27sKn2Cnnsxej17ALZkFzQ1dy0Cz8KOsrofRCdKnKQSS1aR8HUpiUqXBq0eDRe
K1zM7rxA9b4gGYd1D3fnF99lhcoVfcnHIOXv+Stmn/IinNcIQcWy9w2yGACqACrt
0kv7b0Hx5TSlSxULVLgC6EPQKmKGPhCt/JmBH/MjJUQwWFIvtFjd3oE6UmYDfc3/
kWFqwT9c30V1WxMdf6LSGueFQDaw4e8bFAA7Gg3Whv2O1yknIpWgIku+sJwFfQwQ
OUFhIx/dOMIjWJ/KfGWEkxx/t4O+sg6CzgjZmHjT1qntVBhW9uuPxuj/VwIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFFhKnJ+yUXCuCTAsjEN/0ObnUZvjMB8GA1UdIwQY
MBaAFOmxMg+8JNb0Nmy2T89e0textr33MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmJFeUQ3d2sxdlEyYkxaUHoxN1MxN0cydmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9kZjFjYjUtNWY0OC00NmEwLWE3NmUt
ZDNlMjgwMGJkNjQwLzEvV0VxY243SlJjSzRKTUN5TVEzX1E1dWRSbS1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9kZjFjYjUtNWY0OC00NmEwLWE3NmUtZDNlMjgwMGJkNjQw
LzEvNmJFeUQ3d2sxdlEyYkxaUHoxN1MxN0cydmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG0BggrBgEFBQcBBwEB/wSBpDCBoTCBiAQCAAEwgYEDBAAF
muEDBAQ+ZYADBAdNLoADAwBPZQMEBVf6IAMEAVknkAMEAVkufgMEAVkvKAMEBluW
QAMEBVz0gAMDAV1WAwQEbUgwAwMBbVwDBABtek0DBAayTwAwCwMDArLcAwQFst/A
AwQCuUdYAwQCub6YAwQFw7IgAwMA1MgDBATVxGAwFAQCAAIwDgMFACoADpADBQMq
BmPAMA0GCSqGSIb3DQEBCwUAA4IBAQBfU1F+GP570YcQkaoVLbwTOY4jdeuXvYF0
X96NEpax/rt56SXNe704nhccDtXChLw5pjwK61d1U6wF/MY/msgHHrpfmRiFvF2j
Zovp3pQcRtjIMxgzYV3lYyhsIDfDhwdYgXwtaMIJfS/HD27Z2a5dp/j9xTBY4SrM
6jI88hotLU4ot87eqYnV8ebCBAZiXFtVUqix1Tne2tgRRgWy4aH22jEz5LnbNdFm
GRWa3ZW+90qajCOyWDGp+XGKL7tPAYt2EPCtYcXrR66tRqYlubjK2kb39PVGmb6M
cvFC9u8Qun2Zy13AKRlFrSlWYR0FwrLqnYIAwrFvaHPysMdKVMpO
-----END CERTIFICATE-----
Generated at Tue Apr 29 18:23:26 2025 by rpki-client